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How Important Is Certification? 

Emmett Dulaney 


a: 

xV 


s soon as somebody says “certification”, a flood of 
responses usually follows. Most of the views expressed are 
typically along these lines: 


Is there any value in that? 

Are people still doing that? _ 

Isn't that for people who don t have experience ? 

What’s in it for me? 

That's just a piece of paper... 

Where can I find what's popular and get more information. 
Will my employer pay for it? 


And on they go. with people generally falling into one ot two 
camp s — those who think there is value in certification, and those 
who immediately dismiss the idea. Those in the first camp usually 
feel the way they do either because they hold certifications ot then 
own work in HR. or have been told by co-workers/acquaintances 
that certifications are valuable. Those who fall in the second camp 
never have certifications of their own. and often have many years 
experience on the job. 

To help understand these two camps better. 1 want to move 
away from the IT field for a moment. We have a tendency to think 
that the profession in which we work is unlike anything else that 
exists or has ever come before. How can anyone else understand 
or appreciate what it is like to rebuild a system after a crash, o 
write a script that pulls out the one key piece ot data hidden 
reams of numbers, or to implement a security system that allows 

vou to rest easily at night? 

The truth of the matter is that there is a great parallel between t e 
IT field and many other professions. Consider automotive repair tor 
example There are mechanics who have learned everyt mg y 
know through trial and error: they have little to no schooling m the 
trade but are naturals at what they do. Some ot them have an uncanny 
ability to diagnose what is wrong with a vehicle and know just^what 
to do to solve the problem quicker — and more effective y 
others They can't always explain what they do in a way someone 
out de the field would appreciate, and they may scoff a, lire idea 
of being able to learn some of wha, they know through trade 

Working in the same profession are mechanics who have 
o 0 ne to trade schools or dealer training and taken certification 
exams through the National Institute tor Automotive Service 
Excellence (ASE), for example. They may or may not aye le 
same innate' ability to fix vehicles, bu, they have fac¬ 
tions to show they’ve studied the topics and aie current 


Both are good to have in the field and both provide valuable 
v ; ces _ they can co-exist comfortably in the same vocation. Oi 
surface, it is impossible to say that one is better than another wh 
comes to working on your car, and you only learn that thrr 

repeated interaction with them. 

Now. imagine that you are the service manager tor the loca 

dealership and you have an opening. Who are you going to 
One applicant says that he has worked on cars his whole hie, s 
at certifications, and tells you he is a good mechanic. The ■ 
applicant also tells you he is a good mechanic but has num< 
pieces of paper that you can frame on the wall for customers to 
at Yes, some people with papers are simply good at passing 
and might turn out to be dumber than a box of hammers, bu 
might be equally true of a mechanic with experience only. 

The odds are that those pieces of paper make it easiei to s 
hirins decision toward the certified mechanic. Not only do 
papers slant it that way for someone in HR. but they have the f 
tial to do that for customers as well. For some reason. I just et 
ter knowing that the person working on my brake system ha: 
certified as a master mechanic in that specialty. 

Moving away from the analogy, apply those same though* 
While you don’t need a certification to do a job. it looks gi 
HR- it looks stood to customers, and it makes you stand ou 
from those who don't have any acronyms atter their 
Although a certification may not be a requirement tor the j< 
currently have, it can be helpful in gaining customers/contra, 
in helping you land a job. 


What’s Popular? 

Having established that certifications can be beneti 
must be'pointed out that being certified in Window 
(Windows for Workgroups) will get you nowhere in the 
today. If you are going to pursue a certification it needs t 
something that is presently in demand. That said, the lollo 
a list of six topic areas worth consideration. The list is u 
title- it is based upon the number of times the ceriit 
appear in job postings on Monster.com - as good a me: 
market demand as can be identified: 


Security — You can't go wrong with a security cert 
these days. Every business is struggling to balance the 
make resources available easily and simply against wha 
perceived as an invitation for harm or an open dotu to 
At the entry level, there is Security-i- from CompTIA. 
possibilities go upward from there, with almost evei 
vendor offering some sort of security certification. 


profession. 
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• Cisco — In this category, there is a huge number of listings not 
only for engineers (CCIE), but also for administrators (CCNA) 
and others with Cisco certifications. Despite the fact that Internet 
growth has slowed, there is still a need to support what is out 
there, keep systems current, and be able to milk bandwidth for all 
it is worth. Cisco offers a security specialization (CCSP) as well 
as certifications in a number of other areas of expertise. 

• Project Management — This occupation existed long before IT 
but has become so much a part of IT today that PMP (Project 
Management Professional) books are now shelved in the com¬ 
puter section of many bookstores. Of all the topic areas listed 
here, this one most clearly falls under the category of “soft 
skills”, meaning that it is not directly tied to any specific prod¬ 
uct or technology, but rather to a set of principles that needs to 
be mastered. Once you master those principles, they rarely date 
and are essentially good for life. 

• Entry level — There is always a demand for those with entry- 
level certifications because there are always more openings at the 
lower levels of any organization than the higher levels. To obtain 
any entry-level certification, you usually must pass one or two 


fairly simple tests (almost always multiple-choice) that show you 
understand the very basics of the topic. CompTIA has made a 
business of whipping out entry-level certifications with plus signs 
on them (A+ for hardware. Network-i- for networking. Server-i- for 
servers, and so on). While they are a very big player in this arena, 
they are not the only one. The Linux Professional Institute (LPI), 
for example, offers a very good entry-level Linux certification 
that is worth the paper on which it is written. 

• Linux — Numerous Linux certifications are available, ranging 
from engineer level (RHCE and CLE) down to the entry level. As 
the Internet becomes more and more dependent upon Linux as the 
OS running it. the need for those who know the intricacies of it 
increases. 

• Microsoft — While some say the engineer certification (MCSE) 
isn't as valued as it once was. it still crops up time and time again 
in job postings. 

Emmett Dulaney is the author of several books on Linux, Unix, and certifi¬ 
cation. He is a former partner in Mercury Technical Solutions and can be 
reached at edulaney@iques t.net. 
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T here are a number ot ways you can go about preparing tor a 
certification exam. Undisputedly. the best way is to actually 
have years of hands-on experience with every topic — and 
objective — on the exam that you are preparing to take. Since that 
isn't always possible (even in the workplace, you rarely are con¬ 
fronted with every issue that the test writers conjure up), there are a 
number of other ways to learn the topics. 


It you are good at sen-study, you can research topics on the internet 
(for free), purchase books/study guides/training manuals (slightly more 
expensive), or buy software-based learning aides like practice tests, 
simulations, and the like. If you are not good at self-study, you can 
consider short classes, boot camps, or vendor-sponsored/approved 
training. As a universal rule, the longer the course, or the more tailored 
it is to a niche topic, generally the more expensive it is. 


Training and Certification Information 



Accelerated Learning 
Center 

Advanced Concepts 
Training Corporation 

Batky-Howell, LLC 

BlackHat 

CSI 

Do you offer your own certifications? 

No 

No 

No 

Certicate of 
completion only 

No 

Do you teach skills needed to pass certifications 
from others? 

Yes 

Yes 

Yes 

Depends on 
the course 

Yes 

Do you offer vendor-neutral or vendor-specific 
training/certifications? 

Both 

Both 

Both types of training 
with emphasis on 
vendor-neutral 

Yes 

Both 

Do you serve the entry-level market 
(equivalent to Linux+)? 

Yes 

Yes 

Yes 

No 

Yes 

Do you serve the intermediate-level market 
(equivalent to LPI)? 

Yes 

Yes 

Yes 

Yes 

Yes 

Do you serve the high-end administrator market 
(RHCE/CLE/etc.)? 

Yes 

Yes 

No 

Yes 

Yes 

Do you offer standup classroom-style training? 

Yes 

Yes 

Yes 

We offer hands-on 
training that consists of 
both lectures and labs 

Yes 

Do you market software-based training materials? 

Yes 

Yes 

No 

Yes 

No 

Do you market your own texts or books? 

Yes 

Yes 

Yes 

No 

Yes 

What is the typical cost of a class or study program? 

$500 

$2,099 

$1,995 

$2,000 

Average 2-day public 
class $995, hands-on 
$1,945,3-day confer¬ 
ence $1,395. Member 
discounts apply. Lower 
per person rates for 
private, onsite training. 

How many years has your company been in business? 

28 

8 

15 

10 

32 

How many years has your company served the 
Unix/Linux market? 

25 

8 

15 

10 

N/A 

How many students have successfully completed 
training courses and/or obtained certification 
through the use of your materials? 

-50,000 

5,657 

-40,000 

1,000+ 

50,000+ 

Are you a member of any standards 
boards/organizations? 

Participate in IETF 
Working Groups 

No 

No 

No 

No 
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In an attempt to ascertain which vendors are offering what 
study materials, Sys Admin created a questionnaire and sent it to 
as many different businesses as possible. The answers and 
responses to those questionnaires have been compiled into the 
table that follows. It must also be noted that organizations 
behind many of the certifications (CompTIA, LPI. etc.) are not 
included in the list because they do not offer training materials, 
per se. but focus only on authenticating skills. 


While every attempt was made to contact as many different ven¬ 
dors as possible, the list may not be complete simply because some 
vendors did not respond or because their names were inadvertently 
overlooked in the mailing. If there are any vendors that should be in 
the list, but are not. please let us know. 

Emmett Dulaney is the author of several hooks on Linux, Unix, and certifi¬ 
cation. He is a former partner in Mercury Technical Solutions, and can be 
reached at: edu laney@iquest, net. 


Training and Certification Information 



EDULEARN, Inc. 

Fortuitous 
Technologies Inc. 

Harker Systems 

Kaplan IT 

Linux Box Corporation 

Linux Certified, Inc. 

MIS Institute 


No 

No 

No 

No 

Certificate of 
completion only 

No 

Yes 

1 

Yes 

Yes 

Yes 

Yes 

Yes 

No 

Yes 


Both 

Yes 

Vendor-neutral 

Yes 

Both 

Vendor-neutral 

Vendor -neutral 


Yes 

Yes 

No 

Yes 

No 

Yes 

Yes 


Yes 

Yes 

Yes 

Yes 

Yes 

Yes 

Yes 

1 

Yes 

Yes 

Yes 

Yes 

Yes 

Yes 

No 

1 

No 

Yes 

Yes 

No 

Yes 

Yes 

Yes 


Yes 

No 

No 

Yes 

Yes — 1st quarter of 
2006 Web-based training 

Yes 

No 

1 

No 

Yes 

Yes 

Yes 

No, include our own 
course material w/ class 

Yes 

No 

1 

$500 

$450/day/student 

$2,800 for 4-day 
Managing Internet Mail 
$1,599 for 2-day 
Advanced Topics 
in Sendmail 

Practice exams 
$99-$149 

$1,995 per student 
for a 5-day class 

$100-$1,599 

$1,395-52,295 

1 

9 

5 

16 

13 

6.5 

5 

28 


8 

5 

16 

n/a 

6.5 

5 

15 


10.000+ 

140 

1,500+ 

n/a 

-250 

-1,500 

200.000+ 


BBB 

No 

No 

n/a 

No 

Yes, LPI 

No 
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Training and Certification Information 


Netsysco PCTibbitts Planetlearn ProTech Professional Red Hat, Inc. 

Services, Inc. 

Do you offer your own certifications? No No No No Yes 

Do you teach skills needed to pass certifications Yes Yes Yes Yes No 

from others? 

Do you offer vendor-neutral or vendor-specific Yes Yes Yes Both Vendor-specific 

training/certifications? 

Do you serve the entry-level market Yes Yes Yes Yes Yes 

(equivalent to Linux+)? 

Do you serve the intermediate-level market Yes Yes No Yes Yes 

(equivalent to LPI)? 

Do you serve the high-end administrator market Yes No Yes Yes Yes 

(RHCE/CLE/etc.)? 

Do you offer standup classroom-style training? Yes No Yes Yes 

Do you market software-based training materials? No No Yes Yes Yes 

Do you market your own texts or books? Yes No No Yes No 

What is the typical cost of a class or study program? $2,000 Varies $500 $325/Student-day Classes range in the 

Red Hat Certified 
Engineer (RHCE) track 
from $1,998 to $2,498 


How many years has your company been in business? 

18 

3 (plus 11 prior to 
name change) 

8 

15 

12 

How many years has your company served the 
Unix/Linux market? 

3 

3 (plus 11 prior to 
name change) 

8 

15 

12 

How many students have successfully completed 
training courses and/or obtained certification 
through the use of your materials? 

500+ 

0 (we primarily 
utilize 3rd party 
course materials) 

3,000 

100,000 

200,000+ have com¬ 
pleted Red Hat training 
courses; 29.000+ 
are certified 

Are you a member of any standards 
boards/organizations? 

No 

No 

No 

Yes, USENIX, SAGE, 
USERBLUE, ASTD, 
COMPTIA 

Performance Testing 
Council 


Contact Information 

Accelerated Learning Center 

PO Box 780-B 

Lake Oswego. OR 97034 

503-635-6370 

http://www.alcpress.com 

Advanced Concepts Training 
Corporation 

1516 Willow Lawn Dr.. Ste. 101 
Richmond, VA 23230 
800-294-7497 
http://www.actisit.com 

Batky-Howell, LLC 

7245 S Havana St. Ste 100 
Centennial. CO 80112 
800-868-2202 x234 
http://www.batky-howell.com 


Black Hat 

2606 2nd Ave #406 
Seattle. WA 98121-1212 
www.blackhat.com 

Computer Security Institute 

600 Harrison Street, 6th Floor 
San Francisco, CA 94107 
415-947-6364 
http://www.GoCSI.com 

EDULEARN, Inc. 

3 Bethesda Metro Center, Ste 700 
Bethesda, MD 20814 
888-797-4040; 301-589-3349 
http://www.youlearn.com 


Fortuitous Technologies, Inc. 

4002 Burr Oak Ln. 

Austin, TX 78727 

512-351-7783 

http://www.fortuitous.com 

Harker Systems 
4182 Pleasant Hill Road 
Lincoln, CA 95648 
530-887-9990 
http://www.harker.com 

Kaplan IT 

10 S Wacker Dr, Ste 3425 
Chicago. IL 60606 
312-894-0693 
http://www.kaplanit.com 


The Linux Box Corporation 

206 South Fifth Avenue, Ste 150 
Ann Arbor. MI 48103 
734-761-4689 
http://www.linuxbox.nu 

Linux Certified, Inc. 

128 S Wolfe Rd. 

Sunnyvale. CA 94086 
877-800-6873; 408-314-6700 
http://www.linuxcertified.com 

MIS Training Institute 

498 Concord St. 

Framingham. MA 01702-2357 
508-879-7999 ext. 307 
http://www.misti.com 
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Training and Certification Information 



SANS Institute 

Software 

Development 

SpiderTools.com 

Stonehenge 

Suncochin 

Sun Microsystems 

Themis Training 


Yes 

No 

No 

No 

No 

Yes 

No 


Yes 

Yes 

Yes 

Yes 

Yes 

No 

Yes 


Primarily vendor-neutral, 
but have several 
vendor-specific 
certificate programs 

No 

Yes 

Both 

Both (Solaris & Linux) 

Vendor-specific 

training/certifications 

No 


Yes 

Yes 

Yes 

Yes 

Yes 

Training: yes 
Certification: no 

Yes 


Yes 

Yes 

Yes 

Yes 

Yes 

Training: yes 
Certification: yes 

Yes 


Yes 

Yes 

No 

Yes 

Yes 

Training: yes 
Certification: yes 

Yes 


Yes 

Yes 

Yes 

Yes 

Yes 

Yes 

Yes 


Yes 

No 

Yes 

Yes 

No 

Yes 

No 


Yes 

No 

Yes 

Yes 

No 

Yes 

No 


$650/Course day 

$595-51,895 

$195.00 

Varies 

$400 

Certification: $150; 
Practice certification 
exams: $75; Classroom 
training: $2,000-$3,000; 
Self-paced online 
training: $560 - 880; 
CD-ROM: $960 -$1,320 

Approx. $400 per day 


15 

20 

6 

20 

4 

23 

14 


15 

20 years 

6 

20 

4 

23 

10 

-- r 

50,000 students 
10,000 certifications 

over 100k 


Several thousand 

400 

Since 1996, more than 
700,000 people have 
purchased training or 
certification exams on 
the Solaris OS 

-60,000 


Yes. Oversight board 
for DoD Security 
Certification 

No 

No 

No 

No 

Yes 

IBM Training Partner, 
ITTC, IDUG, Various 
user groups 


Netsy >co 
PO Box 24413 
Louisville, KY 40224 
800-888-9028 
502-327-7748 x 220 
http://www.netsysco.com 

PCTibbitts LLC 

3204 Duvall Dr 
Norman. OK 73072 
405-579-3265 

http://tibbitts.freeshell.org 

Planetlearn 

107 Elm St.. Ste 205G 
Portland. ME 04101 
888-277-6556 
http://www.planetlearn.com 


Pro Tech Professional 
Services, Inc. 

610 Beatty Road 
Monroeville. PA 15146 
800-373-9188:412-810-8855 
http://www.protechtraining.com 

Red Hat, Inc. 

1801 Varsity Dr. 

Raleigh. NC 27606 
866-2REDHAT; 919-754-3700 
http://www.redhat.com/training 

The SANS Institute 

8120 Woodmont Avenue. Ste. 205 
Bethesda. MD 20814 
865-692-0978 
http://www.redhat.com 


SD Conferences 
CMP Media LLC 
600 Harrison Street 
San Francisco, CA 94107 
415-947-6162 
http://www.sdexpo.com 

SpiderTools.com 

Cyber Montana. Inc. 

Box 1262 

Trout Creek. MT 59874 

406-827-4648 

http://www.spidertools.com 

Stonehenge Consulting Services 

121 SW Morrison St., Ste. 830 
Portland, OR 97204 
503-777-0095 
http://www.stonehenge.com 


Suncochin 

South Janatha Road 
Pallarivatom. India 
011 0484 2337920 
http://www.suncochin.com 

Sun Microsystems 

http://www.sun.com 

Themis Training 

625 Central Avenue 
Westfield. NJ 07090 
215-885-8060 
http://www.themisinc.com 
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What Makes Salaries Rise for Security 
Professionals? 

Alan Paller 


S ystems administrators and security administrators work hard all 
day, protect critical assets, keep systems operating, clean up 
after the messes that users make, and generally keep the organi¬ 
zation operating smoothly. Yet, at the end of the day. they rarely know 
whether all that work is going to be rewarded and whether they are 
being treated fairly for the effort they are putting in. 

Now a new survey, sponsored jointly by Sys Admin magazine. 
Certification Magazine . and the SANS Institute offers a few 
answers. The answers may not work for every reader, but they just 
might provide a clue about what matters most in getting raises. 

The data used for this article reflects answers from 1.597 
Technical Security Professionals with titles like Systems 
Administrator. Network Administrator. Programmer. Security 
Engineer, Systems Engineer. Security Analyst/Consultant 
(hands-on). Security Auditor (hands-on), Systems Integrator. 
Security Penetration Tester, and Web Security Manager. Each of 
these people provided detailed answers to a 30-question survey 
between October 20 and November 10. 2005. Their answers con¬ 
stitute one of the clearest pictures ever of the developed of the 
technical security professional's job. 

Let's get to know the people who completed the survey. 

• 11% are women, and 89% are men. 

• Nearly a quarter (22%) are government contractors, reflecting the 
huge market for security professionals in government. 

• They are a well-educated group — 54% have undergraduate 
degrees, and 18% have Masters or Ph.D. degrees. 

• Most are individual performers, but 15% manage one to three 
subordinates, and 7% manage four or more subordinates. 

• Their employers range from very small to very large. The respon¬ 
dents are approximately evenly divided among the following 
employee size categories: 

Under 250(18%) 

251-2,000 (20%) 

2 . 001 - 10 . 000 ( 22 %) 

10.001 -50.000(21%) 

More than 50.000 (19%) 

• Nearly 90% have earned certifications: 

29% have earned vendor certifications, such as those from 

Microsoft or Cisco. 

22% have earned GIAC certifications. 

21% have earned CISSP or another ISC2 certification. 

12% have earned Security-!- or Network-i- or A+ certifications. 
4% have earned CISA or CISM certifications from ISACA. 

11 % have earned no certifications. 


• They have been working a long time: 

5% have fewer than 3 years of experience. 

8% have 3 to 5 years of experience. 

27% have 5 to 10 years of experience. 

36% have 10 to 20 years of experience. 

24% have more than 20 years of experience. 

Now that we know a little about who provided the information, let's 
try to determine what controls their salaries. 

We compared their salaries with the industries in which they 
work (see Table 1). From the table, one might think that moving 
to work for a utility or construction/resource industry or trans¬ 
portation company would be a good move. Sadly, there are very 
few jobs in those industries. So to get higher pay. one might have 
to move to government or banking or telecommunications com¬ 
panies. but that may also be hard because it requires learning an 
entirely new industry. 

We compared their salaries with the size of their employers (see 
Table 2). Not surprisingly, larger employers paid more, up to a 
point. Beyond 10.000 employees, there was no impact. If you work 
for a small- or medium-sized company, you could do better working 
for a larger company or government agency. But that, too, is hard. 
Larger organizations can be very bureaucratic and difficult for peo 
pie used to a more free-wheeling smaller organization. 

How Can You Earn More? 

So we started looking for what you can do inside your existing 
organization to earn more money. 


Table 1 Salary by industry 



Industry 

Median 

Salary 

Raise 

Utilities 

$77.9K 

3.10% 

Construction/resource industries 

$76.OK 

3.90% 

Government (defense and non-defense) 

$76.OK 

3.30% 

Transportation and transportation services 

$75.OK 

2.50% 

Banking/insurance/finance 

$74.7K 

3.90% 

Telecommunications and media 

$74.6K 

3.20% 

Manufacturing 

$73.9K 

3.30% 

Information technology 

$73.8K 

3.50% 

Services 

$70.4K 

3.40% 

Retail and wholesale 

$70.OK 

3.90% 

Healthcare 

$66.5K 

3.90% 

Education 

$55.3K 

3.00% 
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Orlando, Florida 


February 24 - March 4,2006 


SANS is one of the only venues that 
provides real world techniques from 
vendors currently working in the 
field. You get practical techniques 
that you can use to increase security 
in your environment the day that 
you get back" 

Tony Tulio, Comcast 
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411: SANS 17799 Security & Audit Framework 
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507: Auditing Networks, Perimeters & Systems 
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Management 

414: SANS® +S™ Training Program for the 
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We asked whether having a certification was worthwhile (see 
Table 3). The data showed that technical certifications matter and 
that multiple certifications matter more. 

We asked whether people with any of the three technical certi¬ 
fications groups earned more money (see Table 4). People holding 
the management-oriented certifications from ISC2 (CISSP) and 
ISACA (CISA, CISM) earned more than those holding more tech¬ 
nical certifications. Of the three technical certifications, GIAC 
holders had the highest salaries while vendor-specific certification 
and CompTIA certification holders made less. 

Then we went deeper and asked what respondents thought 
was most important to career advancement (see Table 5). Not 
surprisingly, 98% felt that technical skills were important or 
very important (80% felt they were very important). 

The tough question is how can professionals prove they have 
great technical security skills? Employers usually learn otherwise 
only when hackers have taken over the computers and stolen critical 
information or when some other incident has occurred. 

To try to get an answer, we asked people who held certifications 
(and obviously knew what they were worth) which of the certifica¬ 
tions would be the best indicator of hands-on technical security 
skills (see Table 6). 

Not surprisingly, respondents holding certain certifications 
thought that those certifications reflected strong hands-on security 
skills. For example, 75% of those holding vendor-specific certifi¬ 
cations (e.g.. Checkpoint or MCSE or CCNA) thought their certi¬ 
fications proved they had solid technical skills. Similarly, 91% of 
those who hold GIAC certifications said their certifications 
reflected strong hands-on security skills. 

What was surprising was that neither CompTIA certification 
holders (Security-!-, A+, etc.) nor ISC2 certification holders 
(CISSP, etc.) thought their certifications demonstrated strong 
hands-on security skills. These professionals voted nearly two to 
one that vendor-specific certifications and GIAC certifications 
were far better indicators of hands-on security skills than their own 
certifications were. 


• Dumb users I have to teach the same things to over and over. 

• Low salary. 

• No training budget. 

• Not responding to ideas for improvement, even when they 
solicited the ideas. 

• Doesn’t give us authority to make decisions. 

• Politics. 

Alan Paller is Director of Research for The SANS Institute. He can be 
reached at: paller@sans. org. 



Organization Size 

Salary 

Raise 

Fewer 

$59.9K 

3.60% 

250-1,999 

$63.7K 

3.40% 

2,000-9,999 

$69.5K 

3.30% 

10,000-49,000 

$79.5K 

3.40% 

50,000-99,999 

$84.8K 

3.70% 

100,000 

$79.3K 

3.30% 



0 certifications 

$66.3K 

3.20% 

1 certification 

$72.3K 

3.40% 

2 or more certifications 

$77.3K 

3.70% 



Certification 

Salary 

CompTIA (Security+, etc.) 

$62.8K 

ISC2 (CISSP, etc.) 

$84.2K 

ISACA (CISA) 

$81.7K 

GIAC 

$76.6K 

Vendor Specific 

$73.9K 


Salary Isn’t Everything 

Regardless of pay, you really need to like your job to have a sat¬ 
isfying career. We ended the survey by asking what respondents 
liked best and what they hated most about their employers. We didn't 
prompt them at all. but gave them a blank form in which to write 
their answers. 

In the “liked best” category the most often repeated entries 
included: 

• Gives me freedom to make decisions and try new ideas. 

• Listens to me and trusts me. 

• Allows me to get advanced training to keep my skills current. 

• Appreciates what I do and thanks me. 

• Gives me interesting and challenging 



Technical knowledge 

98.40% 

Communication (verbal and written) 

97.30% 

Critical thinking and judgment 

93.90% 

Teamwork and collaboration 

93.70% 

Ability to lead change 

88.80% 

Business knowledge/acumen 

86.80% 

Cross-functional influence 

80.80% 

--- 

Influence 

79.50% 

Facilitation 

74.60% 

Mentoring and coaching 

73.00% 

Strategic business planning 

60.60% 

Industry participation 

61.10% 


projects. 

• Gives me flexibility in hours. 

• Provides a relaxed work environment 
(most of the time). 

In the “liked least” category the most often 
repeated entries included: 

• Job overload and schedules that are too short. 

• Bureaucracy, layers of management, clue¬ 
less bosses. 
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ty Skills 

Certification Held 

CompTIA 

(Security+) 

ISC2 

(CISSP) 

ISACA 

(CISA) 

GIAC 

Vendor 

Specific 

CompTIA (Securitv+, etc.) 

29% 

40% 

8 % 

64% 

67% 

ISC2 (CISSP, etc.) 

10 % 

41% 

13% 

73% 

63% 

ISACA (CISA) 

20 % 

43% 

21 % 

71% 

66 % 

GIAC 

9% 

24% 

6 % 

91% 

53% 

Vendor Specific 

13% 

36% 

10 % 

65% 

75% 
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Test Your Knowledge 

Emmett Dulaney 


T hink you’re ready to whip out the company credit card and 
register for that certification exam that has caught your eye? 
Before you do, test your knowledge with this sample exam 
of questions covering basic to intermediate-level Linux/Unix topics. 

One caveat: over time. I've learned that there are risks involved 
in writing practice tests. The risks fall into two categories: first, 
there is almost always more than one way to do the same task in 
Linux or Unix, and second, *nix users love to point out that none of 
the possible answers are the way they would do it: they have a script 
they wrote, an application they purchased, or a friend who knows a 
guy who has a tool. etc. 

When you take an exam, however, whether it's Linux-i- from 
CompTIA. an exam from the Linux Professional Institute, or any 
other non-lab-based test, you have to pick the best answer from 
those choices presented to you. Don't over-think the question and 
talk yourself out of the correct answer. 

With that said, let’s see how well you do! (The answers can be 
found at the end of this article.) 

Questions 

1. Which utility is available in many Linux workstation implemen¬ 
tations for use in configuring the sound card? 

A. sndadmin 

B. sndmin 

C. sndconfig 

D.radius 

2. Which of the following represents the output of the following 
command: echo "alpha-beta" | sed 1 s/-.*$//’ 

A. alpha-beta 

B. alpha 

C. beta 

D. alpha-**** 

E. alpha-*eta 

3: You need to create a file named cow and send the output to it 
from the who *z command. You want all output — including stan¬ 
dard errors — to go to this file. Which command should be used to 
accomplish this? 

A. who -z > cow 

B. who -z 2> cow 

C. who -z >&1 cow 

D. who -z 2>&1 > cow 


4. Which of the following runlevels will reboot the system? 

A. 0 

B. 2 

C. 4 

D. 6 

5. The value of the BOSS variable has been set to TRUITT. What 
will the output of the command echo ’ $ BOSS ’ be? 

A. TRUITT 

B. BOSS 

C. SBOSS 

D. STRUITT 

6. You need to view all but the first seven lines of the similar.log 
file. What command should be used to accomplish this? 

A. head -7 similar.log 

B. head +7 similar.log 

C. tail -7 similar.log 

D. tail+7 similar.log 

7. What is the default subnet mask for a network beainnins with 
216? 

A. 127.0.0.1 

B. 255.0.0.0 

C. 255.255.0.0 

D. 255.255.255.0 

E. 255.255.255.255 

8. What authentication method does telnet use when the user is 
attempting to log on to a remote host? 

A. username 

B. password 

C. username and password 

D. /etc/telnet.hash 

You a,e late tor a meeting. You need to start the qwerty utility 
before heading to the meeting so it will run for the next few hours 
and compile weekly system usage results. Currently, you are losszed 
in as a legulai user, but the qwerty script requires root permission to 
run. How should you execute the script? 

A. su ; qwerty 

B. su qwerty 

C. su -c qwerty 

D. su : qwerty 
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10. You want to allow users to access the CD-RW device on your 
machine from any other host on the network via NFS. Further, you 
only want them to have read-only access to the device. Which line 
should you add to the /etc/exports file to allow this? 

A. /mnt/cdrom *(ro) 

B. /mnt/cdrom *(r) 

C. /mnt/cdrom * 

D. /mnt/cdrom 

11. What protocol does ping utilize to bounce packets? 

A. TCP 

B. IP 

C. ICMP 

D. IGMP 

12. Which configuration file is used to identify where system log 
messages are recorded? 

A. logrotate.conf 

B. syslog.conf 

C. conf.modules 

D. modules.conf 

13. You want users to be able to download files through anonymous 
FTP and do nothing further. What access should they have in the 
directory they will access? 

A. Read 

B. Write 

C. Execute 

D. Run 

14. Which tool can be used to check IP to MAC address resolution? 

A. ping 

B. arp 

C. ifconfig 

D. ipconfig 

15. You want to extract an archive from a tape. The archive was cre¬ 
ated using tar. and you want to copy all the contents trom the tape 
back to the system. What one option must you use with tar to 
accomplish this? 

A. c 

B. x 

C. v 

D. r 

16. By default, which protocol runs at port 110? 

A. LDAP 

B. Telnet 

C. POP3 

D. SMTP 

17. Which of the following commands can be used with FTP to 
place several files on a remote host? 

A. inget 

B. get 

C. put 

D. input 


18. You have been assigned the task of recommending password 
guidelines for users across the network. Which ot the following 
should you recommend for users creating passwords? 

A. Use a common word and misspell it. 

B. Use a mixture of upper- and lower-case letters, as well as num¬ 
bers and symbols. 

C. Use a mixture of random numbers. 

D. Use a mixture of random letters that do not produce an actual 
word. 

19. What is the best location for storing a Tripwire database on your 
system? 

A. On an attached CD-R system 

B. In the root directory 

C. On a backup tape storage drive 

D. On a Web database that is not located within the central network 

20. Which of the following files defines how FTP connection 
requests are processed by the TCP Wrapper? 

A. ftpusers 

B. /etc/hosts.allow and /etc/hosts.deny 

C. ftpaceess 

D. xferlog 

21. A variable has been set with the command W0RD=BINGO. Which 
command can be used to show that the variable WORD now has a 
value? 

A. set 

B. env 

C. show 

D. cat 

22. For legacy reasons, a huge file must be copied on a floppy to be 
transferred to another machine. What command can be used to 
make a file till more than one floppy ? 

A. limit 

B. cut 

C. chop 

D. split 

23. What search criteria would best be used to find the lines within 
the SYSADMIN file about booth “spaces” for an upcoming trade 
show? 

A. grep spaces SYSADMIN 

B. find spaces SYSADMIN 

C. sed spaces SYSADMIN 

D. search spaces SYSADMIN 

24. You want to combine two files together such that the fields from 
each file are combined into a single output. The first field of each ot 
the two tiles you will be using are identical. What utility can you 
use to create this file? 

A. od 

B. join 

C. paste 

D. comb 
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25. Which command will show all the tiles, including files begin¬ 
ning with a dot. in the long format? 

A. 1s -a | Is -1 

B. 1s -a ; Is -1 

C. Is -la 

D. Is - a\1 

26. Which of the following will set the variable DAY equal to FRI¬ 
DAY with the BASH shell? 

A. DAY FRIDAY 

B. DAY=FRIDAY 

C. DAY:FRIDAY 

D. $DAY FRIDAY 


27. You need to find all the files in your cur¬ 
rent directory that begin with “c”, “r”, “u”, 
“s”, or “h”, and end with “G”, “R”, “A”, “P'\ 
or “E”. Which command should you use to 
accomplish this? 

A. Is crush*GRAPE 

B. Is c*G c*R c*A c*P c*E r*G r*R 
r*A r*P r*E u*G u*R u*A u*P u*E 
s*G s*R s*A s*P s*E h*G h*R h*A 
h*P h*E 

C. Is [crush]?[GRAPE] 

D. Is [crush]*[GRAPE] 

28. After giving the command 
PSl="Kansas" on a server named System 9. 
what will the prompt now be? 

A. KansasS 

B. Kansas 

C. |System 9 Kansas] 

D. $ 

29. What variable can you echo, in BASH, 
to see the PID of the last jobs started? 

A. $$ 

B. $? 

C. $! 

D. !! 

30. Which ot the following devices would 
be the first SCSI hard disk on a Linux sys¬ 
tem. assuming devfs is not being used? 

A. /dev/sdO 

B. /dev/sdl 

C. /dev/sda 

D. /dev/sdb 

31. You are using the BASH shell and want to 
send your history file to development so they 
can figure out why problems keep occurring. 
What file should you attach to email? 

A. bash_history 

B. bashrc 

C. .bashrc 

D. .bash_history 
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32. Which utility can be used to list modules, remove modules, and 
add modules? 

A. modprobe 

B. insmod 

C. rmmod 

D. depmod 









AXIAR 

ALERT 


Automatically routing print streams based on user-defined 
parameters (such as page counts or file types) reduces print¬ 
ing costs and reduces printer-related help desk calls. 


UNIX, Linux and Windows server 
based software gives System 
Administrators the flexibility to 
deploy in OS of their choice 

m Enterprise-wide print queue 
management gains centralized 
control over print processes 

^ Cluster printing technology 
leverages existing printer 
infrastructure 

* Secure/restricted printer access 
reduces waste and fraud 

Automatic failover ensures print 
job delivery 

Queue Manager Screen 


^ Axiar (>Hrv*r Manager (JVM Cbent) 


Viewing print files online 
eliminates the need to print 

^ Printing partial job ranges 
reduces print volumes 

Re-routing print jobs reduces 
printer bottlenecks 

^ Remotely managing any Ipd 
or TCP/IP connected printer 
through a single interface 
delivers cross-platform print 
queue management 

Bi-directional device 
communications allows users 
to view device status remotely 


Network Commands Cptsons yefc 
Mocfrfy | HokJ/Retease | Start/Stop j Qetete j &emove ) c*stfav | 




^'Queue ^ Qutout Objects j 
Group By (printer 3 



AXIAR Port Test 


Pos 

jPages {Form {Gra*) |prnter i Status l( 

1Detrict4-RatePian6-f 

^38100 . jdUrtar? clusters Hc*l 

__ JDocun^nt 

_ '■‘t*' Lfuste*1 ___ kLyterl ^ 

1 2005 March Imvuk es 
4 MarlommMarfet June 

2362bm cluster 1 duster 1 Hold 

■4720 bn C-olor-LJ9500 Hold 


25bri fcjjjterl Ouster 1 

6 Test_Page 

7 Maaiframe Upload 

0 AXIAR ScreenShotsO* 

lb «n prnter3 Hold'?**] 

9437 **n Mainframe_PnnteHold - 

25 bm duster 1 duster 1 Hold 

9 f ull page fax _prmt 

1 bm AXIARPortTest Hold 

in file:/ /C :\SfU Ijetp\re 

11 Q3-Fast_Region Safe* 

lb** printer 1 Hold 

95 bln AXIARPortTest Hold 


We want you to be AXIAR ALERT! 

www.LBMsys.com 





I 


www.sysadminmag.com — Sys Admin — 13 



























































33. You are currently in the /usr/home/spencer/lists/phone directory. 
Your HOME variable is set to /usr/home/spencer and the PATH is 
set to /sbin:/usr/sbin. The OLDPWD variable is set to /root. When 
you give the command pwd. what directory will you then be in? 

A. /root 

B. /sbin 

C. /usr/home/spencer 

D. /usr/home/spencer/lists/phone 

34. Which of the tiles holds configuration information on how to 
manage terminal devices (respawn them)? 

A. /etc/initd 

B. /etc/inetd 

C. /etc/inittab 

D. /dev/inetd 

35. You are in the empty directory “abed" and you give the com¬ 
mand touch abed. What will the result of this command be? 

A. An error message will be returned. 

B. The times associated with the directory will be updated. 

C. A new file will be created. 

D. A new directory will be created. 

36. A user named kevin copies a file from the home directory of 
sarah. Within sarah’s home directory, the owner of the file was root. 
The directory that kevin copies the file into is evan's home direc¬ 
tory. and owned by evan. Who will appear as the owner of the file in 
evan’s home directory ? 

A. kevin 

B. sarah 

C. root 

D. evan 

37. Kristin is doing a number of operations on her system as she 
attempts to clean up tiles and make the system more manageable. 
Which of the following operations will take the least amount of time 
to complete? 

A. cp certification exam 

B. mv certification exam 

C. dd certification exam 

D. cp -i certification exam 

38. Kristin has been cleaning up tiles that are no longer used on her 
system. Inadvertently, she typed rm - r * when one directory further 
back than she thought she was. How can she restore the tiles that 
were accidentally deleted ? 

A. dd 

B. rm -i 

C. Ctrl-Z 

D. Restore from backup 

39. Karen wants to create a path consisting of several subdirectories 
that do not presently exist. Which command should be used for this 
purpose? 

A. md 

B. md -p 

C. mkdir 

D. mkdir -p 


40. With a umask value of 012, what are the default permissions 
assigned to newly created files? 

A. —x--x-wx 

B. -rw-rw-r— 

C. -r-xr-xr— 

D. -rw-rw— 

41 . Which of the following would produce the same display as ps - e? 

A. ps -f 

B. ps -A 

C. ps -1 

D. ps -u 

42. Which of the following will start a job in the background? 

A. - 

B. + 

C. % 

D. & 

43. A process with a PID number of 9876 has entered runaway 
mode. You have tried to remove it with a standard kill command, 
but it will not go away. What command can you use to be assured 
the process will terminate? 

A. kill -NOW 9876 

B. kill -HUP 9876 

C. kill -15 9876 

D. kill -9 9876 

44. You are getting ready to leave the office tor the day. About a 
minute ago, you started a job in the background to compile a report 
that may run for hours. When the compilation ends, you need 
another process to run to print the results. Which of the following 
commands will accomplish this ? 

A. bg {process} 

B. fg {process} 

C. wait $! ; {process} 

D. sleep ; {process] 

45. You have accidentally started a job that consumes a great deal 
of resources. You feel that this has the possibility of negatively 
affecting how other jobs run on the system. A hich command can 
you use to alter the priority level of this job ? 

A. nice 

B. start 

C. renice 

D. ps 

46. The fsck utility has found a number of corrupted files and you 
have chosen to correct the filesystem. To which directory are the 
corrupted tiles written? 

A. lost+found 

B. tmp 

C. etc 

D. / 
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47. Which ports, by default, are used by the SNMP protocol? 

A. UDP ports 20 and 21 

B. TCP ports 15 and 16 

C. UDP ports 161 and 162 

D. LDAP ports 163 and 164 

48. Which field of the /etc/passwd file defines the shell the user will 
receive? 

A. first 

B. second 

C. sixth 

D. seventh 

49. Which of the following are valid IP addresses available for 
assignment to a host? 

A. 200.127.127.1 

B. 1.5.10.256 

C. 256.1.1.1 

D. 127.0.0.2 

50. You want to Imd all the three-letter files in the current directory 
that end with the letter y. What command should you use? 

A. Is *y 

B. Is *y* 

C. 1s ??y 

D. Is ??y* 


Answers 

1. Sndconfig is a sound configuration tool that originally shipped 
with Red Hat. Answer: C. 

2. The sed utility will search for the dash (-) specified and then 
replace everything from it to the end of the line (signified by the 
dollar sign) with nothing (signified by the empty //). Answer: B. 

3. The who -Z 2>&1 > COW command will send standard output (1) 
and standard error (2) to the same place (&), which is specified 
as the cow file. Answer: D. 

4. A run level of 6 brings the system down and starts it back up 
again — rebooting it. Answer: D. 

5. The single quotations (') allow the variable to be taken literally, 
thus the valued echoed back is simply $BOSS. Answer: C. 

6 . Using the toil + command, you are able to see all the file except 
the number of lines at the beginning specified. In this case, all 
but the first seven are shown. Answer: D. 

7. A network beginning with 216 falls in the Class C category. The 
default subnet mask for all Class C networks is 255.255.255.0. 

Answer: D. 

8. The telnet utility uses both the username and password to authen¬ 
ticate the user. Answer: C. 

9. The ’C option with allows you to specify a command to run with 
the elevated privileges. Answer: C. 
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10. While this is not the most likely place to mount a CD-RW drive, 
it is important to be able to do so from here. Answer: A. 

11. The ping utility verifies connectivity between hosts by bouncing 
echoes using the ICMP protocol. Answer: C. 

12. The syslog.conf file controls the output of the syslogd daemon. 

Answer: B. 

13. You must set the execute bit on a directory in order for users to 
be able to access files in the directory. Answer: C. 

14. The arp utility can be used to check IP to MAC address resolu¬ 
tion. Answer: B. 

15. The x option is used with tar to extract. Answer: B. 

16. By default, POP3 runs at port 110. LDAP runs at port 389. 
Telnet at 23, and SMTP at 25. Answer: C. 

17. The mput command in FTP can be used to place multiple files 
on a remote host. Answer: D. 

18. Strong passwords should contain upper- and lower-case letters, 
as well as numbers and symbols. Answer: B. 

19. For security reasons. Tripwire databases should be stored on 
media that is not read-only. Answer: A. 

20. While this could also be done with inetd.conf or xinetd.conf, 
neither of those are possible answers. That leaves hosts.allow 
and hosts.deny as the only other answer that fits the question. 

Answer: B. 

21. Until a variable is exported, it will not show up in the environ¬ 
ment (choice B), but will display with the set command. 
Answer: A. 

22. The split utility will chop a file into smaller segments that can 
then fit onto a floppy. Answer: D. 

23. A thorough knowledge of grep and find is required for almost 
any exam, while knowledge of sed is required for many higher 
level exams. Answer: A. 

24. The join utility will combine the two files based on the same 
value being in the first file of each. If you did not want to use any 
intelligence whatsoever (in other words, the two files do not have 
any field in common), you could use paste. Answer: B. 

25. The Is -la command combines both options -a (show all 
files — including those that begin with a dot) with -1 (use the 
long listing). Answer: C. 

26. Most Linux/Unix exams can be considered BASFl-centric, so it 
is important to know how to set variables and work within the 
features/limitations of them. Answer: B. 

27. Using brackets ([ ]), you can set the search parameters to only 
entries within them. Answer: D. 

28. Setting the prompt to the literal value, it will become only that 
value. When doing this, you should always include a space 
before the last quotation mark, or some other character such as 
a greater than sign (», to be able to see the difference between 
the prompt and the commands you are giving. Answer: B. 

29. The value of $! will be the process ID number of the last job. 

Answer: C. 

30. The syntax used to denote disks makes sda the only correct 
choice. Answer: C. 

31. The BASH history tile is stored in the user's home directory as 
a hidden tile named .bash_history. Answer: D. 

32. The modprobe utility can be used to list modules. remo\e mod¬ 
ules, and add modules. Answer: A. 
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33. Since the pwd command only echoes the directory you are 
presently in. you will still be in /usr/home/spencer/lists/phone. 

Answer: D. 

34. The /etc/inittab tile is used to manage terminal devices, and you 
should know how many fields are in each entry and what values 
can be in each field. Answer: C. 

35. The touch utility is used to change the date on a tile. If no file 
exists by that name (the question states that the directory is 
empty), it will create a new fde by that name. Answer: C. 

36. Since Kevin is creating the new tile through the copy operation, 
he is the owner. If the tile were moved, the original owner 
would be kept, but copy must always use the person performing 
the operation as the owner. Answer: A. 

37. “mv” renames a pointer and will be finished in a faction of a 
second regardless of the file size. Answer: B. 

38. The only way to restore deleted tiles in Linux is to break out the 
backup tapes and restore from there. Answer: D. 

39. By default, mkdi r (choice C) will only allow you to create one 
tile, and the -p option must be used to create a path including 
subdirectories. Answer: D. 

40. The default permissions for newly created tiles are 666 (-rw-rw- 
rw-). When you “subtract” from the default with umask, you 
really are performing a “logical or” from what is there. A umask 

of 012 is equal to (-x-w-). When you remove that from the 

default, the correct answer is 664 (-rw-rw-r—). Answer: B. 

41. The -e option asks for everything, while the - A option asks tor 
all. The -f option (choice A) gives a full listing, but only for the 
current user. The -1 option (choice C) gives a long listing — 
again it would be only for the current user in this case. The -u 
option (choice D) adds user-related information. Answer: B. 

42. The ampersand (&) is used to start a job in the background. 

Answer: D. 

43. While there is no guarantee that kill -9 will terminate a zom¬ 
bie process, it is the best chance you have of so doing, and the 
best answer choice here. Answer: D. 

44. The dollar and bang signs ($!) represent the last process started 
in the background. When used with wait, the background 
process must end before the next process begins. Answer: C. 

45. Nice is a utility to start a job at a priority other than the default, 
but cannot be used once the job is running. Only renice can be 
used to change the priority of running jobs. Answer: C. 

46. The /lost+found directory holds the corrupted tiles. Usually 
they are so corrupted that their names are no longer known, and 
thus the tiles are written here by inode number. Answer: A. 

47. By default. SNMP uses UDP ports 161 and 162. Answer: C. 

48. The seventh, and final, field of the /etc/passwd file holds the 
shell entry for the user. If the field is blank, they automatically 
receive the default shell. Answer: D. 

49. To be a valid IP address for use by a host, the first octet must be 
between 1-223 (with the exception of 127), and the remaining 
octets can be between 0-255. Answer: A. 

50. The question mark character (?) indicates a single item, while the 
asterisk (*) signifies any item. Since you only want three-letter 
entries, use two question marks and the last letter. Answer: C. 

Emmett Dulaney, Linux+, LPI, etc. is the author of several books on Linux/Unix 

and certification as well as a columnist for UnixReview. Emmett can be reached 

at: edu ldliey@i ques t.net. Feel free to send him feedback on this sample test. 
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